Fedora 12 : Miro-2.5.4-3.fc12 / firefox-3.5.9-1.fc12 / galeon-2.0.7-22.fc12 / etc (2010-5506)

This script is Copyright (C) 2010-2015 Tenable Network Security, Inc.


Synopsis :

The remote Fedora host is missing one or more security updates.

Description :

Update to new upstream Firefox version 3.5.9 / XULRunner version
1.9.1.9, fixing multiple security issues detailed in the upstream
advisories: http://www.mozilla.org/security/known-
vulnerabilities/firefox35.html#firefox3.5.9 Update also includes all
packages depending on gecko-libs rebuilt against new version of
Firefox / XULRunner. CVE-2010-0173 CVE-2010-0174 CVE-2010-0175
CVE-2010-0176 CVE-2010-0177 CVE-2010-0178 CVE-2010-0181

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

http://www.mozilla.org/security/known-
https://bugzilla.redhat.com/show_bug.cgi?id=578147
https://bugzilla.redhat.com/show_bug.cgi?id=578149
https://bugzilla.redhat.com/show_bug.cgi?id=578150
https://bugzilla.redhat.com/show_bug.cgi?id=578152
https://bugzilla.redhat.com/show_bug.cgi?id=578154
http://www.nessus.org/u?0ac24798
http://www.nessus.org/u?9f0d8b51
http://www.nessus.org/u?45707846
http://www.nessus.org/u?36419eb9
http://www.nessus.org/u?3f84f64c
http://www.nessus.org/u?f2e07e80
http://www.nessus.org/u?f943d3f0
http://www.nessus.org/u?53c2f924

Solution :

Update the affected packages.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.7
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Fedora Local Security Checks

Nessus Plugin ID: 47391 (fedora_2010-5506.nasl)

Bugtraq ID: 39122
39123
39125
39128
39133
39137

CVE ID: CVE-2010-0174
CVE-2010-0175
CVE-2010-0176
CVE-2010-0177
CVE-2010-0178

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now